Soon, they posted the PII of thousands of Fast Company employees on a hacker forum, but no customer or advertiser details were involved in the leak.
Fast Company Website Resurfaces
Fast Company, the business-focused news publication that has been shut down for the past eight days, is now back to its routine. For those unaware, the company's website was hit by a cyberattack on September 25th, leading to its defacement. But it wasn't until September 27th, when the second attack occurred, that the company took it offline to review its norms. Apple News users who subscribed to Fast Company news received a couple of racist and obscene push notifications sent by the threat actors who controlled the website at the time.
They even posted how they had breached Fast Company's network: by obtaining an easy-to-crack password for its WordPress CMS that was re-used for its other accounts. They were then able to get hold of its Apple News API keys and authentication tokens, which gave them access to employees' PII. The hackers soon posted the data stolen from the defaced website to a forum from an account named Thrax; the dump contains 6,737 employee records, including emails, password hashes for some of them, and unpublished drafts. Throughout this time, the company kept posting its content on other platforms like LinkedIn, Instagram, Facebook, TikTok, and Medium. Now that its website is back, editor-in-chief Brendan Vaughan said no data belonging to its customers or advertisers had been leaked. Without explaining much of the situation, since it's still under investigation, he said that steps to safeguard against further attacks have been taken.